summaryrefslogtreecommitdiffstats
path: root/ipaserver/install/plugins/update_managed_permissions.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipaserver/install/plugins/update_managed_permissions.py')
-rw-r--r--ipaserver/install/plugins/update_managed_permissions.py18
1 files changed, 18 insertions, 0 deletions
diff --git a/ipaserver/install/plugins/update_managed_permissions.py b/ipaserver/install/plugins/update_managed_permissions.py
index 2051bd4a2..71da562a3 100644
--- a/ipaserver/install/plugins/update_managed_permissions.py
+++ b/ipaserver/install/plugins/update_managed_permissions.py
@@ -96,6 +96,24 @@ from ipaserver.install.plugins.baseupdate import PostUpdate
register = Registry()
NONOBJECT_PERMISSIONS = {
+ 'System: Read Timestamp and USN Operational Attributes': {
+ 'ipapermlocation': api.env.basedn,
+ 'ipapermtargetfilter': {'(objectclass=*)'},
+ 'ipapermbindruletype': 'anonymous',
+ 'ipapermright': {'read', 'search', 'compare'},
+ 'ipapermdefaultattr': {
+ 'createtimestamp', 'modifytimestamp', 'entryusn',
+ },
+ },
+ 'System: Read Creator and Modifier Operational Attributes': {
+ 'ipapermlocation': api.env.basedn,
+ 'ipapermtargetfilter': {'(objectclass=*)'},
+ 'ipapermbindruletype': 'all',
+ 'ipapermright': {'read', 'search', 'compare'},
+ 'ipapermdefaultattr': {
+ 'creatorsname', 'modifiersname',
+ },
+ },
'System: Read IPA Masters': {
'replaces_global_anonymous_aci': True,
'ipapermlocation': DN('cn=masters,cn=ipa,cn=etc', api.env.basedn),
generated by cgit (git 2.34.1) at 2024-05-04 09:35:49 +0000